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-• The MAILING DA TE of this communication app ars on the cover sh et with th correspond nee address - 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 . 1 36(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1)^ Responsive to communication(s) filed on 10 December 2004 . 
2^flh\s action i s FINAL. 2ti)l^f This action is non-final. 

o)D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 
closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) E3 Claim(s) 1. 5-8, 12-15.19-22 and 25-27 is/are pending in the application. 
4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6M Claim(s) 1. 5-8. 12-15.19-22 and 25-27 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)13 The drawing(s) filed on 10 December 2004 is/are: a)M accepted or b)D objected to by the Examiner. 
Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
1 !)□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 
2.D Certified copies of the priority documents have been received in Application No. . 



3.D Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 
Drawings 

1 . The formal drawing submitted on 12/10/2004 are accepted by examiner. 

Response to Arguments 

2. No amendments to the claims have been made by Applicant. 

3. Claims 1, 5-8, 12-15, 19-22 and 25-27 are pending. 

4. Referring to the independent claims 1, 8, 15, 22 and 27, Applicant argues that 
Carrol does not teach a suggestion to use the policies recited in the instant claims. 
Examiner points out that the independent claims recite "at least one of a policy to 
access ... , etc". Carroll teaches that authentication includes reliably determining the 
identity of a network device contacting the secure application (see column 3, lines 19- 
21). Carroll teaches that the user terminal 18 (FIG. 1) contacts the organization server 
66 over the computer network 14 (FIG. 1) and transmits access request and the digital 
certificate (see column 7, lines 55-60). Carroll also teaches that if the application server 
verifies the digital certificate, the user terminal is granted access to the application (i.e. 
device) -see column 9, lines 1-4. Examiner points out that one of ordinary skill in the 
art would have equated granting an access with associating the special access usage 
policy with the network user, as recited in the instant claims. 

5. Applicant also argues that Derby does not teach the policies recited in the 
independent claims. Examiner points out that Derby, while not explicitly using the term 
"policy", does teach enforcing a list of security issues (see col. 9, lines 45-58). Examiner 
also points out that combination of teaching of Carrol and Derby provides authentication 
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of a digital certificate and association of the at least access policy with the user, who 
has provided a particular certificate. 

6. Applicant further argues that Carrol does not teach anything about electronic 
payment or billing. Examiner respectfully disagrees and refers Applicant to Fig. 4A-B of 
Carroll. 

7. After giving a thorough consideration to Applicant's remarks and amendments of 
the claims, examiner maintains rejections of claims 1, 5-8, 12-15, 19-22 and 25-27. 

Claim Rejections - 35 USC § 103 

8. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

9. Claims 1, 5-8, 12-15, 19-22 and 25-27 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Carroll (U.S. Patent No. 6.105.131) in view of Debry (U.S. 
Patent No. 6.314.521 B1). 

10. Referring to the instant claims, Carroll discloses a secure server and method of 
operation for a distributed information system (see abstract and Fig.1). 

Carroll teaches a user terminal 18 includes an application 26, for example a browser, 
that is responsive to user input and connects to remote applications across a computer 
network 14. Keys used for encryption and authentication are managed by built-in key 
ring organizer 27 in the browser 26 (see Fig.1). Carroll teaches that authentication 
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includes reliably determining the identity of a network device contacting the secure 
application (see column 3, lines 19-21). Carroll teaches that the user terminal 18 (FIG. 
1) contacts the organization server 66 over the computer network 14 (FIG. 1) and 
transmits access request and the digital certificate (see column 7, lines 55-60). 

1 1 . Referring to the independent claims 1 , 8, 1 5 and 22, the limitation "assigning a 
digital certificate to a network user" is met by the Certificate Management System, 
which transmits a digital certificate to the user's personal vault and the process in the 
personal vault then transmits the new digital certificate to the user's browser (see 
column 8, lines 37-39). The limitation "receiving a command for operation of a network 
device and the digital certificate from the network user" is met by the user terminal 1 8 
(FIG. 1) contacting the organization server 66 over the computer network 14 (FIG. 1) 
and transmitting access request and the digital certificate (see column 7, lines 55-60). 
The limitation "enabling operation of the network device if the digital certificate of the 
network user is authenticated" is met by teaching that, if the application server verifies 
the digital certificate, the user terminal is granted access to the application (i.e. device) - 
see column 9, lines 1-4. 

While Carroll teaches the use of the built-in key ring organizer 27 in the browser 26 (in 
Fig. 1 ), he does not explicitly teach using a cryptographic key stored in the network 
device for authenticating the digital certificate of the network user. 

12. Referring to the instant claims, Debry discloses a Secure configuration of a digital 
certificate for a printer or other network device (see abstract and Fig.1 ). Debry teaches 
that the printer has a unique encryption key stored in it at manufacturing time. This key 
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is also recorded in a database, securely controlled by a certificate authority (see 
abstract). This key is used for authentication of a digital certificate (see Fig.1 unit 50). 
Therefore, at the time the invention was made, it would have been obvious to one of 
ordinary skill in the art to modify the secure server system of Carroll, which uses the 
digital certificate of a network user for enabling operation of the network device, by 
having the encryption key stored in the printer (i.e. network device) as taught in Debry. 
One of ordinary skill in the art would have been motivated to modify the secure server 
system, which uses the digital certificate of a network user for enabling operation of the 
network device, by having the encryption key stored in the network device as taught in 
Debry for use in authenticating (see abstract). 

13. Referring to claims 6,13 and 20, Derby teaches encrypting and decrypting the 
message request containing it's serial number (see abstract), which meets the limitation 
"encrypting/ decrypting the command for operation of the network device". The serial 
number is associated with the operation permission of the printer. 

14. Referring to claims 1, 8, 15, 22 and 27, Debry explicitly teaches a network device 
being a printer. 

15. Referring to claim 5, 12 and 19, Carroll teaches that the network user is another 
network device (see Fig.1) - network user is a client (18) connected to the servers (12 
and 66) over the network (10). 

16. Referring to claims 6, 13, 20, Carroll teaches that the user terminal 18 (FIG. 1) 
contacts the organization server 66 over the computer network 14 (FIG. 1) and 
transmits access request and the digital certificate (see column 7, lines 55-60). 
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17. Referring to claim 1 , 8, 1 5, 22 and 27, Carroll teaches using the system for 
electronic payments and billing functions (see Fig. 4A-B). 

18. Referring to claim 26, Carroll teaches the limitation "command for operation of the 
network device is re-routed to the second network device..." - see Fig.1 . Either the 
server 12 or the server 66 meet the second network device where the command is re- 
routed to. 



Conclusion 

17. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .1 36(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Grigory Gurshman whose telephone number is 
(571)272-3803. The examiner can normally be reached on 9 AM-5:30 PM. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on (571)272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is (703) 872-9306. 

Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the TC 2100 receptionist whose telephone number is 
(703) 305-3900. 



GO 



Grigory Gurshman 

Examiner 

Art Unit 2132 
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GILBERTO BARRON JX- 
SUPERVISORY PATENT EXAMINER 
TECHNOLOGY CENTER 2100 



